[Bug 460316] Re: clamav-base package contains very big clamav data files (main.cvd and daily.cvd) from clamav-data package

Launchpad Bug Tracker 460316 at bugs.launchpad.net
Sat Jun 16 02:55:14 UTC 2012 

This bug was fixed in the package clamav - 0.97.5+dfsg-1ubuntu1

---------------
clamav (0.97.5+dfsg-1ubuntu1) quantal; urgency=low

  * Merge from Debian Unstable.  Remaining Ubuntu changes:
    - Drop build-dep on electric-fence (in Universe)
    - Add apparmor profiles for clamd and freshclam along with maintainer
      script changes
  * New upstream version no longer includes virus definition files
   (LP: #460316)

clamav (0.97.5+dfsg-1) unstable; urgency=medium

  [ Scott Kitterman ]
  * Urgency medium due to security fixes
  * New upstream release (Closes: #669370)
    - Addresses possible evasion cases in some archive formats (CVE-2012-1419,
      CVE-2012-1457, CVE-2012-1458, CVE-2012-1459) (Closes: #668273)
    - Repack tarball to remove non-free unrar code and win32 directory
    - Add contrib/split-tarball.sh and docs/man/clambc.1 in the diff.gz
      (these used to be added to the Debian specific upstream tarball, but
      aren't upstream so are better in the diff)
    - Change etc/clamav-milter.conf to Debian defaults
  * Enabled hardened build flags (Closes: #653958)
    - Thanks to Moritz Muehlenhoff for the patch
  * Remove var/lib/clamav/daily.cvd and main.cvd from clamav-base.examples
    because they aren't installed by the build system anymore (and are
    provided only as empty files in the upstream tarball)
  * Fix typos in README.Debian (Closes: #667831)
  * Update libclamav6 binary lintian override to match current filename
  * Bump standards version to 3.9.3 without further change

  [ Stephen Gran ]
    - Add a note about RAR functionality to README.Debian (Closes: #652009)

clamav (0.97.3+dfsg-2.2) unstable; urgency=low

  * Non-maintainer upload.
  * Fix "FTBFS: llvm/lib/ExecutionEngine/JIT/Intercept.cpp:69:67: error:
    'lseek64' was not declared in this scope": add missing <unistd.h> include.
    Also fixed in upstream git already [bb8ab5c].
    (Closes: #674330)
 -- Scott Kitterman <scott at kitterman.com>   Fri, 15 Jun 2012 21:20:04 -0400

** Changed in: clamav (Ubuntu)
       Status: Incomplete => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-1419

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-1457

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-1458

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-1459

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to clamav in Ubuntu.
https://bugs.launchpad.net/bugs/460316

Title:
  clamav-base package contains very big clamav data files (main.cvd and
  daily.cvd) from clamav-data package

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/460316/+subscriptions

More information about the Ubuntu-server-bugs mailing list